Computer and Electronics, Information Security and Privacy

Acer Philippines disclosed a data breach after a third-party vendor hack

Security Affairs

MARCH 13, 2024

In our commitment to full transparency, we wish to inform you of a recent security incident involving a third-party vendor managing employee attendance data. ph1ns told Bleeping Computer that Acer was hacked, but threat actors did not deploy any ransomware.

Data breaches

Data breaches Computer and Electronics Ransomware Sales

Data Protection: Where’s the Brexit Privacy Dividend?

Data Protector

AUGUST 17, 2020

No longer might UK privacy pros feel obliged to wait for the publication of weirdly worded EDPB opinions. Enormous amounts of money have been spent in a belated acknowledgement of, in many cases, decades of under investment on privacy issues. The GDPR has had a profound impact on many organisations. Was such a fine really appropriate?

Privacy

Privacy GDPR Personal data Computer and Electronics

STEPS FORWARD: Math geniuses strive to make a pivotal advance — by obfuscating software code

The Last Watchdog

NOVEMBER 16, 2020

Related: How Multi Party Computation is disrupting encrypti on An accomplished violinist, Einstein, no doubt, appreciated the symmetry of his metaphor. Simply put, iO must be achieved in order to preserve privacy and security while tapping into the next generation of IT infrastructure.

Computer and Electronics

Computer and Electronics Encryption Energy and Utilities Cloud

Indonesia Soon to Become the Fifth ASEAN Country to Adapt Data Privacy Laws

Security Affairs

OCTOBER 7, 2020

Any data that can be identifiable on its own or combined with other information, both direct and indirect through electronic or non-electronic systems. He holds a degree of Computer Science from Iqra University and specializes in Information Security & Data Privacy. General personal data v.

Data Privacy

Data Privacy Privacy Personal data Computer and Electronics

HHS Releases Guidance on Audio-Only Telehealth Practices

Hunton Privacy

JUNE 29, 2022

Department of Health and Human Services Office for Civil Rights (“OCR”) released guidance to help covered entities understand how they can use remote communication technologies for audio-only telehealth in compliance with the HIPAA Privacy and Security Rules (the “Guidance”).

Computer and Electronics

Computer and Electronics Communications Privacy Encryption

Cybersecurity, why a hotline number could be important?

Security Affairs

OCTOBER 6, 2023

Statistics show a steady increase in cyber attacks targeting citizens and businesses, causing financial, security and privacy damage. Europe too, with the right planning and cooperation, could adopt this innovative solution to preserve digital security in an increasingly interconnected world.

Cybersecurity

Cybersecurity Computer and Electronics Education Information Security

Podcast Episode 128: Do Security and Privacy have a Booth at CES?

The Security Ledger

JANUARY 8, 2019

In this episode of The Security Ledger podcast (#128): you're going to hear a lot from the annual Consumer Electronics Show (CES) out in Las Vegas this week, but are any of the new gadgets being released secure? And do security and privacy have a seat at the table at the world's largest electronics event?

Privacy

Privacy Computer and Electronics IoT Security

Security Affairs newsletter Round 463 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 17, 2024

France Travail data breach impacted 43 Million people Scranton School District in Pennsylvania suffered a ransomware attack Lazarus APT group returned to Tornado Cash to launder stolen funds Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case UK Defence Secretary jet hit by an electronic warfare attack in Poland Cisco (..)

Data breaches

Data breaches Security Computer and Electronics Ransomware

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

In good news for organisations handling personal information, China’s Personal Information Protection Law (“ PIPL ”) was finalised on 20 August 2021, and will come into force on 1 November 2021. In this regard, notified consent remains the primary (if not sole) basis for processing of personal information.

Data Privacy

Data Privacy Privacy Compliance Analytics

California Passes New Digital Privacy Law

Hunton Privacy

OCTOBER 21, 2015

On October 8, 2015, California Governor Jerry Brown signed into law the California Electronic Communications Privacy Act (“CalECPA”). The government also must obtain a warrant before requiring a business to produce an individual’s electronic information.

Computer and Electronics

Computer and Electronics Privacy Communications Cloud

Court Rules Fraud Involving a Computer Is Not ‘Computer Fraud’ under Crime Protection Policy

Hunton Privacy

OCTOBER 25, 2016

18, 2016), that a crime protection insurance policy does not cover loss resulting from a fraudulent email directing funds to be sent electronically to the imposter’s bank account because the scheme did not constitute “computer fraud” under the policy. Background. Read the full alert.

Computer and Electronics

Computer and Electronics Insurance IT Cybersecurity

Social engineering, deception becomes increasingly sophisticated

Security Affairs

FEBRUARY 20, 2023

This is done through deep learning methodologies such as the Generative Adversarial Network (GAN) i.e., a group of neural network models for machine learning, deputed to teach computers how to process information by emulating the human brain.

Artificial Intelligence

Artificial Intelligence Computer and Electronics Education Phishing

NIST Issues Guidelines on Security and Privacy in Public Cloud Computing

Hunton Privacy

FEBRUARY 7, 2011

The National Institute of Standards and Technology (“NIST”) has issued draft Guidelines on Security and Privacy in Public Cloud Computing (SP 800-144) (the “Guidelines”) for public comment. Ensure that the client-side computing environment meets organizational security and privacy requirements for cloud computing.

Cloud

Cloud Privacy Computer and Electronics Security

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

Data Matters

FEBRUARY 6, 2019

On December 3, 2018, twelve attorneys general (“AGs”) jointly filed a data breach lawsuit against Medical Informatics Engineering and its subsidiary, NoMoreClipboard LLC (collectively “the Company”), an electronic health records company, in federal district court in Indiana. See Indiana v. Informatics Eng’g, Inc. , 3:18-cv-00969 (N.D.

Data breaches

Data breaches Computer and Electronics Security Insurance

Brazil Nominates Directors of the Brazil Data Protection Authority; Senate Approval Pending

Hunton Privacy

OCTOBER 16, 2020

Arthur Pereira Sabbat (five-year mandate), currently Director of the Information Security department of the Brazilian Presidency. Joacil Basilio Rael (four-year mandate), computer engineer who graduated from the Military Engineering Institute.

Computer and Electronics

Computer and Electronics Military Paper Communications

HHS Releases Guidance on HIPAA and Cloud Computing

Hunton Privacy

OCTOBER 20, 2016

Earlier this month, the Department of Health and Human Services’ Office for Civil Rights issued guidance (the “Guidance”) for HIPAA-covered entities that use cloud computing services involving electronic protected health information (“ePHI”).

Cloud

Cloud Computer and Electronics Access Risk

Draft Released in the Philippines Implementing Rules for the Data Privacy Act

Hunton Privacy

JUNE 28, 2016

On June 17, 2016, the National Privacy Commission (the “Commission”) of the Philippines released draft guidelines entitled, Implementing Rules and Regulations of the Data Privacy Act of 2012 (“IRR”), for public consultation. Consent of the data subject has to be evidenced by written, electronic or recorded means.

Data Privacy

Data Privacy Privacy Personal data Computer and Electronics

Microsoft Calls for Legislative Action to Set Rules for Cloud Computing

Hunton Privacy

JANUARY 22, 2010

Microsoft is urging Congress and the information technology industry to act now to ensure that cloud computing is guided by an international commitment to privacy, security and transparency for consumers, businesses and government.

Computer and Electronics

Computer and Electronics Cloud Privacy Communications

Snowden Ten Years Later

Schneier on Security

JUNE 6, 2023

I didn’t know either of them, but I have been writing about cryptography, security, and privacy for decades. I fly a lot—a quarter of a million miles per year—and being put on a TSA list, or being detained at the US border and having my electronics confiscated, would be a major problem. It made sense.

Computer and Electronics

Computer and Electronics Encryption Government Privacy

Hong Kong Regulator Imposes New Conditions to Regulate Outsourcing Arrangements for Cloud Storage

Data Matters

NOVEMBER 27, 2019

identical electronic records at both its approved premises and the EDSP (whether located in Hong Kong or elsewhere). identical electronic records at both its approved premises and the EDSP (whether located in Hong Kong or elsewhere). ensuring information security to prevent unauthorized access, tampering or destruction of records.

Cloud

Cloud Access Information Security Risk

Regulating Privacy Across Borders in the Digital Age

Hunton Privacy

NOVEMBER 18, 2010

On November 10, 2010, the American Bar Association’s Section of Antitrust Law’s International Committee and Corporate Counseling Committee hosted a webinar on “Regulating Privacy Across Borders in the Digital Age: An Emerging Global Consensus or Vive la Difference?”.

Privacy

Privacy Computer and Electronics Data Privacy Data breaches

Microsoft sued North Korea-linked Thallium group

Security Affairs

DECEMBER 30, 2019

The group is charges of violations of the Computer Fraud & Abuse Act and Electronic Communications Privacy Act; federal trademark infringement, dilution, and false designation of origin; cyber squatting; com mon law trespass to chattels; unjust enrichment; conversion; intentional interference with contracts. 27 in the U.S.

Computer and Electronics

Computer and Electronics Phishing Communications Privacy

HHS Announces HIPAA Settlement with UMass

Hunton Privacy

NOVEMBER 30, 2016

On November 22, 2016, the Department of Health and Human Services (“HHS”) announced a $650,000 settlement with University of Massachusetts Amherst (“UMass”), resulting from alleged violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules. .

Computer and Electronics

Computer and Electronics Insurance Privacy Risk

Massachusetts Revises Information Security Regulations and Extends Deadline for Compliance

Hunton Privacy

AUGUST 20, 2009

On August 17, 2009, Massachusetts announced revisions to its information security regulations and extended the deadline for compliance with those regulations. ” First and foremost, the revisions emphasize a more flexible, risk-based approach to developing an information security program. .”

Information Security

Information Security Compliance Computer and Electronics Security

Malware Training Sets: FollowUP

Security Affairs

MAY 14, 2019

I am a computer security scientist with an intensive hacking background. I do have a MD in computer engineering and a PhD on computer security from University of Bologna. I do have experience on security testing since I have been performing penetration testing on several US electronic voting systems.

Artificial Intelligence

Artificial Intelligence Computer and Electronics Honeypots Cybersecurity

Weekly podcast: Yahoo hacker sentenced, acoustic DoS attack and GDPR compliance fails

IT Governance

JUNE 1, 2018

This week, we discuss the sentencing of one of the perpetrators of the 2013 Yahoo breach, a new type of denial-of-service attack that can crash computers just using sound and how not to email your customers. Hello and welcome to the IT Governance podcast for Friday, 1 June 2018. Here are this week’s stories.

GDPR

GDPR Compliance Computer and Electronics Data breaches

Portland, Oregon Becomes First Jurisdiction in U.S. to Ban the Commercial Use of Facial Recognition Technology

Hunton Privacy

SEPTEMBER 10, 2020

A face recognition search will typically result in one or more most likely candidates—or candidate images—ranked by computer-evaluated similarity or will return a negative result.”.

Computer and Electronics

Computer and Electronics Government Communications Access

GDPR and The Data Governance Imperative

AIIM

SEPTEMBER 12, 2018

This is the 12th post in a series on privacy by Andrew Pery. Data Privacy and Open Data: Secondary Uses under GDPR. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. Privacy by Design: The Intersection of Law and Technology. Obligations Analysis.

GDPR

GDPR Government Information governance Compliance

OCR Enters into Record Settlement with Anthem

Hunton Privacy

OCTOBER 22, 2018

Attackers were able to download malicious files to the employee’s computer and gain access to other Anthem systems that contained individuals’ names, Social Security numbers, medical identification numbers, addresses, dates of birth, email addresses and employment information. prevent unauthorized access to ePHI.

Computer and Electronics

Computer and Electronics Passwords Data breaches Compliance

Department of Commerce Issues Landmark Privacy Green Paper

Hunton Privacy

DECEMBER 16, 2010

Department of Commerce Internet Policy Task Force issued its “Green Paper” on privacy, entitled “ Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework.” Renewing the U.S.’s Renewing the U.S.’s

Paper

Paper Privacy Computer and Electronics Data Privacy

FERC Approves NERC’s Supply Chain Risk Management Reliability Standards and Directs NERC to Expand Their Scope

Data Matters

OCTOBER 29, 2018

FERC also used the rule to direct NERC to expand scope of the Reliability Standards so that they covered Electronic Access Control and Monitoring Systems (“EACMS”) associated with medium and high impact bulk electric system (“BES”) Cyber Systems. Procedural History.

Risk

Risk Energy and Utilities Computer and Electronics Authentication

Failure to Secure Wireless Network Defeats ECPA Claims

Hunton Privacy

FEBRUARY 12, 2010

A computer user’s failure to secure his wireless network contributed to the defeat of his claim that a neighbor’s unwelcome access to his files violated the Electronic Communications Privacy Act (“ECPA”). The ECPA places restrictions on unauthorized interception of, and access to, electronic communications.

Computer and Electronics

Computer and Electronics Communications Security Libraries

OCR Issues Guidance on Disclosures to Family, Friends and Others

Hunton Privacy

JULY 26, 2018

Department of Health and Human Services’ Office for Civil Rights (“OCR”) provided guidance regarding identifying vulnerabilities and mitigating the associated risks of software used to process electronic protected health information (“ePHI”). HIPAA Administrative Safeguards. Report on Meltdown and Spectre vulnerabilities.

Computer and Electronics

Computer and Electronics Risk Cybersecurity Access

HHS Announces Settlements with Health Care System and Medical Research Institute over Potential HIPAA Violations

Hunton Privacy

MARCH 22, 2016

On March 16, 2016, and March 17, 2016, respectively, the Department of Health and Human Services (“HHS”) announced resolution agreements with North Memorial Health Care of Minnesota (“North Memorial”) and The Feinstein Institute for Medical Research (“Feinstein Institute”) over potential violations of the HIPAA Privacy Rule. North Memorial.

Computer and Electronics

Computer and Electronics Risk Passwords Privacy

Fund Managers Targeted in Sophisticated Cyberattacks

Data Matters

DECEMBER 10, 2019

For remote access to emails, trading systems and other electronic data containing confidential information, the authentication mechanism should utilize at least two of the following factors: what a person knows (e.g., Data privacy issues: Cyberattacks often involve identity theft. standard login passwords). biometrics).

Data breaches

Data breaches Insurance Authentication Risk

Fund Managers Targeted in Sophisticated Cyberattacks

Data Matters

DECEMBER 10, 2019

For remote access to emails, trading systems and other electronic data containing confidential information, the authentication mechanism should utilize at least two of the following factors: what a person knows (e.g., Data privacy issues: Cyberattacks often involve identity theft. standard login passwords). biometrics).

Data breaches

Data breaches Insurance Authentication Risk

Regulation of AI-Based Applications: The Inevitable New Frontier

AIIM

NOVEMBER 12, 2019

The Electronic Frontier Foundation alleges that the legislation’s requirements to disclose the humans who create the bots unduly restraints internet speech which the Supreme Court upheld as protected anonymous speech. There is a further legal issue that may be impacting the constitutionality of the California legislation.

Artificial Intelligence

Artificial Intelligence Computer and Electronics Communications Manufacturing

HHS Settles First HIPAA Enforcement Action Against a State Agency

Hunton Privacy

JUNE 27, 2012

In connection with the announcement, the HHS Office for Civil Rights (“OCR”) Director Leon Rodriguez stated that OCR “expect[s] organizations to comply with their obligations under [the HIPAA Security and Privacy Rules] regardless of whether they are private or public entities.”.

Computer and Electronics

Computer and Electronics Encryption Risk Compliance

German DPAs Issue Joint Position Paper on Alternatives to Safe Harbor

Hunton Privacy

OCTOBER 27, 2015

or other third countries should also use as guidance the German DPAs’ March 2014 resolutions on “Human Rights and Electronic Communication” and the October 2014 guidelines on “Cloud Computing.”. Companies that would like to export data to the U.S.

Paper

Paper Computer and Electronics Cloud Personal data

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. But how exactly will artificial intelligence help bridge the information security skills gap? They won with Mayhem, an assisted intelligence application security testing solution.

Security

Security Artificial Intelligence Computer and Electronics Libraries

The Hacker Mind Podcast: Hacking Charity

ForAllSecure

JULY 28, 2021

This office had sort of crawled to a halt, because they were processing kids that had lost their parents and they were trying to find profiles and sponsors for them, sponsors that pay for their schooling and all that stuff, and their network, their computers were so screwed up that they had to like stop. Download it from the EFF.org site.

Computer and Electronics

Computer and Electronics Communications Education IT

White House Proposes Cybersecurity Legislation

Hunton Privacy

MAY 19, 2011

Homeland Security Provisions. Finally, the proposal also seeks to address privacy protection issues. Finally, the proposal also seeks to address privacy protection issues. No information obtained could be used except as authorized. Puerto Rico and the U.S. Virgin Islands.

Cybersecurity

Cybersecurity Risk Privacy Data breaches

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. But how exactly will artificial intelligence help bridge the information security skills gap? They won with Mayhem, an assisted intelligence application security testing solution.

Security

Security Artificial Intelligence Computer and Electronics Libraries

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. But how exactly will artificial intelligence help bridge the information security skills gap? They won with Mayhem, an assisted intelligence application security testing solution.

Security

Security Artificial Intelligence Computer and Electronics Libraries

Acer Philippines disclosed a data breach after a third-party vendor hack

Data Protection: Where’s the Brexit Privacy Dividend?

Trending Sources

STEPS FORWARD: Math geniuses strive to make a pivotal advance — by obfuscating software code

Indonesia Soon to Become the Fifth ASEAN Country to Adapt Data Privacy Laws

HHS Releases Guidance on Audio-Only Telehealth Practices

Cybersecurity, why a hotline number could be important?

Podcast Episode 128: Do Security and Privacy have a Booth at CES?

Security Affairs newsletter Round 463 by Pierluigi Paganini – INTERNATIONAL EDITION

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

California Passes New Digital Privacy Law

Court Rules Fraud Involving a Computer Is Not ‘Computer Fraud’ under Crime Protection Policy

Social engineering, deception becomes increasingly sophisticated

NIST Issues Guidelines on Security and Privacy in Public Cloud Computing

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

Brazil Nominates Directors of the Brazil Data Protection Authority; Senate Approval Pending

HHS Releases Guidance on HIPAA and Cloud Computing

Draft Released in the Philippines Implementing Rules for the Data Privacy Act

Microsoft Calls for Legislative Action to Set Rules for Cloud Computing

Snowden Ten Years Later

Hong Kong Regulator Imposes New Conditions to Regulate Outsourcing Arrangements for Cloud Storage

Regulating Privacy Across Borders in the Digital Age

Microsoft sued North Korea-linked Thallium group

HHS Announces HIPAA Settlement with UMass

Massachusetts Revises Information Security Regulations and Extends Deadline for Compliance

Malware Training Sets: FollowUP

Weekly podcast: Yahoo hacker sentenced, acoustic DoS attack and GDPR compliance fails

Portland, Oregon Becomes First Jurisdiction in U.S. to Ban the Commercial Use of Facial Recognition Technology

GDPR and The Data Governance Imperative

OCR Enters into Record Settlement with Anthem

Department of Commerce Issues Landmark Privacy Green Paper

FERC Approves NERC’s Supply Chain Risk Management Reliability Standards and Directs NERC to Expand Their Scope

Failure to Secure Wireless Network Defeats ECPA Claims

OCR Issues Guidance on Disclosures to Family, Friends and Others

HHS Announces Settlements with Health Care System and Medical Research Institute over Potential HIPAA Violations

Fund Managers Targeted in Sophisticated Cyberattacks

Fund Managers Targeted in Sophisticated Cyberattacks

Regulation of AI-Based Applications: The Inevitable New Frontier

HHS Settles First HIPAA Enforcement Action Against a State Agency

German DPAs Issue Joint Position Paper on Alternatives to Safe Harbor

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

The Hacker Mind Podcast: Hacking Charity

White House Proposes Cybersecurity Legislation

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

Stay Connected